How To Provision and Manage Remote Docker Hosts with Docker Machine on Ubuntu 16.04

Updated on May 21, 2018
How To Provision and Manage Remote Docker Hosts with Docker Machine on Ubuntu 16.04
Not using Ubuntu 16.04?Choose a different version or distribution.
Ubuntu 16.04


Docker Machine is a tool that makes it easy to provision and manage multiple Docker hosts remotely from your personal computer. Such servers are commonly referred to as Dockerized hosts, and as a matter of course, can be used to run Docker containers.

While Docker Machine can be installed on a local or a remote system, the most common approach is to install it on your local computer (native installation or virtual machine) and use it to provision Dockerized remote servers.

Though Docker Machine can be installed on most Linux distribution as well as Mac OS X and Windows, in this tutorial, we’ll be installing it on your local machine running Ubuntu 16.04 and use it to provision Dockerized DigitalOcean Droplets.


To follow this tutorial, you will need the following:

  • A local machine running Ubuntu 16.04 with Docker installed (see How To Install and Use Docker on Ubuntu 16.04 for instructions)
  • A DigitalOcean API token. If you don’t have one, generate it using this guide. When you generate a token, be sure that it has read-write scope. That is the default, so if you do not change any option while generating it, it will have read-write capabilities. To make it easier to use on the command line, be sure to assign the token to a variable as given in that article.

Step 1 — Installing Docker Machine on Your Local Computer

In this step, we’ll work through the process of installing Docker Machine on your local computer running Ubuntu 16.04.

To download and install the Docker Machine binary, type:

  1. wget https://github.com/docker/machine/releases/download/v0.14.0/docker-machine-$(uname -s)-$(uname -m)

The name of the file should be docker-machine-Linux-x86_64. Rename it to docker-machine to make it easier to work with:

  1. mv docker-machine-Linux-x86_64 docker-machine

Make it executable:

  1. chmod +x docker-machine

Move or copy it to the usr/local/bin directory so that it will be available as a system command.

  1. sudo mv docker-machine /usr/local/bin

Check the version, which will indicate that it’s properly installed:

  1. docker-machine version

The output should be similar to

docker-machine version 0.14.0, build 89b8332

Step 2 — Installing Additional Docker Machine Scripts

There are three bash scripts in the Docker Machine GitHub repository designed to facilitate the usage of the docker and docker-machine commands. They provide command completion and bash-prompt customization.

In this step, we’ll install these three scripts on your local machine. They will be downloaded and installed into the /etc/bash_completion.d directory.

The first script allows you to see the active machine from your bash prompt. This comes in handy when you are working with and switching between multiple Dockerized machines. The script is called docker-machine-prompt.bash. To download it, type:

  1. sudo wget https://raw.githubusercontent.com/docker/machine/master/contrib/completion/bash/docker-machine-prompt.bash -O /etc/bash_completion.d/docker-machine-prompt.bash

To complete the installation of the above file, you’ll have to set a custom value for the PS1 variable in your .bashrc file. To do so, open it using nano (PS1 is a special shell variable used to modify the bash command prompt):

  1. nano ~/.bashrc

Within that file, there are three lines that begin with PS1. They should be just like these:

PS1='${debian_chroot:+($debian_chroot)}\[\033[01;32m\]\u@\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]\$ '

PS1='${debian_chroot:+($debian_chroot)}\u@\h:\w\$ '

PS1="\[\e]0;${debian_chroot:+($debian_chroot)}\u@\h: \w\a\]$PS1"

For each line, insert $(__docker_machine_ps1 " [%s]") near the end so that they read:

PS1='${debian_chroot:+($debian_chroot)}\[\033[01;32m\]\u@\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]$(__docker_machine_ps1 " [%s]")\$ '

PS1='${debian_chroot:+($debian_chroot)}\u@\h:\w$(__docker_machine_ps1 " [%s]")\$ '

PS1="\[\e]0;${debian_chroot:+($debian_chroot)}\u@\h: \w\a\]$(__docker_machine_ps1 " [%s]")$PS1"

Save and close the file.

The second script is called docker-machine-wrapper.bash. It adds a use subcommand to the docker-machine command, making it easy to switch between Docker Machines. To download it, type:

  1. sudo wget https://raw.githubusercontent.com/docker/machine/master/contrib/completion/bash/docker-machine-wrapper.bash -O /etc/bash_completion.d/docker-machine-wrapper.bash

The third script is called docker-machine.bash. It adds bash completion for docker-machine commands. Download it using:

  1. sudo wget https://raw.githubusercontent.com/docker/machine/master/contrib/completion/bash/docker-machine.bash -O /etc/bash_completion.d/docker-machine.bash

To apply the changes you’ve made so far, close, then reopen your terminal. If you’re logged into the machine via SSH, exit the session and log in again. Command completion for the docker and docker-machine commands should now be working.

Step 3 — Provisioning a Dockerized Host Using Docker Machine

Now that you have Docker and Docker Machine running on your local machine, you can now provision a Dockerized Droplet on your DigitalOcean account using Docker Machine’s docker-machine create command. If you’ve not done so already, assign your DigitalOcean API token to a bash variable using:

  1. export DOTOKEN=your-api-token

NOTE: This tutorial uses DOTOKEN as the bash variable for the DO API token. The variable name does not have to be DOTOKEN, and it does not have to be in all caps.

To make the variable permanent, put it in your ~/.bashrc file. This step is optional, but it is necessary if you want to the value to persist across terminal sessions.

Open that file with nano:

  1. nano ~/.bashrc

Add a line similar to this anywhere:

export DOTOKEN=your-api-token

To activate the variable in the current terminal session, type:

  1. source ~/.bashrc

To call the docker-machine create command successfully you must specify (at a minimum) the driver, the API token (or the variable that evaluates to it), and a unique name for the machine. To create your first machine, type:

  1. docker-machine create --driver digitalocean --digitalocean-access-token $DOTOKEN machine-name

Partial output as the machine is being created follows. In this output, the name of the machine is ubuntu1604-docker:

... Installing Docker... Copying certs to the local machine directory... Copying certs to the remote machine... Setting Docker configuration on the remote daemon... Checking connection to Docker... Docker is up and running! To see how to connect your Docker Client to the Docker Engine running on this virtual machine, run: docker-machine env ubuntu1604-docker

An SSH key pair is created for the new host so that docker-machine can access it remotely. The Droplet is provisioned with the desired operating system, and Docker is installed on the system. When the command is complete, your Docker Droplet is up and running.

To see the newly create machine from the command line, type:

  1. docker-machine ls

The output should be similar to this:

NAME ACTIVE DRIVER STATE URL SWARM DOCKER ERRORS ubuntu1604-docker - digitalocean Running tcp:// v18.05.0-ce

Step 4 — Specifying the Base OS When Creating a Dockerized Host

By default, the base operating system used when creating a Dockerized host with Docker Machine is supposed to be the latest Ubuntu LTS. However, at the time of this publication, the docker-machine create command is still using Ubuntu 16.04 LTS as the base operating system, even though Ubuntu 18.04 is the latest LTS edition. So if you need to run Ubuntu 18.04 on a recently-provisioned machine, you’ll have to specify Ubuntu along with the desired version by passing the --digitalocean-image flag to the docker-machine create command.

For example, to create a machine using Ubuntu 18.04, type:

  1. docker-machine create --driver digitalocean --digitalocean-image ubuntu-18-04-x64 --digitalocean-access-token $DOTOKEN machine-name

You’re not limited to a version of Ubuntu. You can create a machine using any operating system supported on DigitalOcean. For example, to create a machine using Debian 8, type:

  1. docker-machine create --driver digitalocean --digitalocean-image debian-8-x64 --digitalocean-access-token $DOTOKEN machine-name

To provision a Dockerized host using CentOS 7 as the base OS, specify centos-7-0-x86 as the image name, like so:

  1. docker-machine create --driver digitalocean --digitalocean-image centos-7-0-x64 --digitalocean-access-token $DOTOKEN centos7-docker

The base operating system is not the only choice you have. You can also specify the size of the Droplet. By default, it is the smallest Droplet, which has 1 GB of RAM, a single CPU, and a 25 GB SSD.

Find the size of the Droplet you want to use by looking up the corresponding slug in the DigitalOcean API documentation.

For example, to provision a machine with 2 GB of RAM, two CPUs, and a 60 GB SSD, use the slug s-2vcpu-2gb:

  1. docker-machine create --driver digitalocean --digitalocean-size s-2vcpu-2gb --digitalocean-access-token $DOTOKEN machine-name

To see all the flags specific to creating a Docker Machine using the DigitalOcean driver, type:

  1. docker-machine create --driver digitalocean -h

Tip: If you refresh the Droplet page of your DigitalOcean dashboard, you will see the new machines you created using the docker-machine command.

Step 5 — Executing Additional Docker Machine Commands

You’ve seen how to provision a Dockerized host using the create subcommand. You also seen how to list the hosts available to Docker Machine using the ls subcommand. In this step, you’ll learn a few more docker-machine subcommands.

To obtain detailed information about a Dockerized host, use the inspect subcommand, like so:

  1. docker-machine inspect machine-name

The output should include lines like these. The Image line reveals the version of the Linux distribution used and the size line indicates the size slug:

... { "ConfigVersion": 3, "Driver": { "IPAddress": "", "MachineName": "ubuntu1604-docker", "SSHUser": "root", "SSHPort": 22, ... "Image": "ubuntu-16-04-x64", "Size": "s-1vcpu-1gb", ... }, ---

To print the connection configuration for a host, type:

  1. docker-machine config machine-name

The output should be similar to this:

--tlsverify --tlscacert="/home/kamit/.docker/machine/certs/ca.pem" --tlscert="/home/kamit/.docker/machine/certs/cert.pem" --tlskey="/home/kamit/.docker/machine/certs/key.pem" -H=tcp://

The last line in the output of the docker-machine config command reveals the IP address of the host, but you can also get that piece of information by typing:

  1. docker-machine ip machine-name

If you need to power down a remote host, you can use docker-machine to stop it:

  1. docker-machine stop machine-name

Verify that it is stopped.

  1. docker-machine ls

The status of the machine has changed:

NAME ACTIVE DRIVER STATE URL SWARM DOCKER ERRORS ubuntu1604-docker digitalocean Timeout

To start it again:

  1. docker-machine start machine-name

Verify that it is started:

  1. docker-machine ls

You will see that the STATE is now set Running for the host:

NAME ACTIVE DRIVER STATE URL SWARM DOCKER ERRORS ubuntu1604-docker - digitalocean Running tcp:// v18.05.0-ce

Then you may remove it using:

  1. docker-machine rm machine-name

The Droplet is deleted along with the SSH key created for it by docker-machine. Now, when you list the Dockerized hosts, you shouldn’t see the one you just deleted:

  1. docker-machine ls

Step 6 — Executing Commands on a Dockerized Host via SSH

At this point, you’ve been getting information about your machines, but you can do more than that. For example, you can execute native Linux commands on a Docker host by using the ssh subcommand of docker-machine from your local system. This section explains how to perform ssh commands via docker-machine as well as how to open an SSH session to a Dockerized host.

Assuming that you’ve provisioned a machine with Ubuntu as the operating system, execute the following command from your local system to update the package database on the Docker host:

  1. docker-machine ssh machine-name apt-get update

You can even apply available updates using:

  1. docker-machine ssh machine-name apt-get upgrade

Not sure what kernel your remote Docker host is using? Type the following:

  1. docker-machine ssh machine-name uname -r

Besides using the ssh subcommand to execute commands on the remote Docker host, you can also use it to log into the machine itself. It’s as easy as typing:

  1. docker-machine ssh machine-name

Your command prompt will change to reflect the fact that you’re logged into the remote host:


To exit from the remote host, type:


Step 7 — Activating a Dockerized Host

Activating a Docker host connects your local Docker client to that system, which makes it possible to run normal docker commands on the remote system. To activate a Docker host, type the following command:

  1. eval $(docker-machine env machine-name)

Alternatively, you can activate it by using this command:

  1. docker-machine use machine-name

Tip: When working with multiple Docker hosts, the docker-machine use command is the easiest method of switching from one to the other.

After typing any of the above commands, your bash prompt should change to indicate that your Docker client is pointing to the remote Docker host. It will take this form. The name of the host will be at the end of the prompt:

username@localmachine:~ [machine-name]$

Now any docker command you type at this command prompt will be executed on that remote host.

If a host is active on the terminal that the docker-machine ls command is run, the asterisk under the ACTIVE column shows that it is the active one.

NAME ACTIVE DRIVER STATE URL SWARM DOCKER ERRORS ubuntu1604-docker * digitalocean Running tcp:// v18.05.0-ce

To exit from the remote Docker host, type the following:

docker-machine use -u

You will be returned to the prompt for your local system.

Now let’s create containers on the remote machine.

Step 8 — Creating Docker Containers on a Remote Dockerized Host

So far, you have provisioned a Dockerized Droplet on your DigitalOcean account and you’ve activated it — that is, your Docker client is pointing to it. The next logical step is to spin up containers on it. As an example, let’s try running the official Nginx container.

Use docker-machine use to select your remote machine:

  1. docker-machine use machine-name

Now execute this command to run an Nginx container on that machine:

  1. docker run -d -p 8080:80 --name httpserver nginx

In this command, we’re mapping port 80 in the Nginx container to port 8080 on the Dockerized host so that we can access the default Nginx page from anywhere.

If the command executed successfully, you will be able to access the default Nginx page by pointing your Web browser to http://docker_machine_ip:8080.

While the Docker host is still activated (as seen by its name in the prompt), you should be able to list the images on that host:

docker images

The output should include the Nginx image you just used, plus others you downloaded before:

REPOSITORY TAG IMAGE ID CREATED SIZE nginx latest ae513a47849c 3 weeks ago 109MB

You can also list the active or running containers on the host:

  1. docker ps

If the Nginx container you ran in this step is the only active container, the output should look like this:

CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 4284f9d25548 nginx "nginx -g 'daemon of…" 20 minutes ago Up 20 minutes>80/tcp httpserver

To exit the prompt for the remote host, type. This will close the terminal as well:

  1. exit

Note: If you intend to create containers on a remote machine, your Docker client must be pointing to it — that is, it must be the active machine in the terminal that you’re using. Otherwise you’ll be creating the container on your local machine. Again, let your command prompt be your guide.

Step 9 — Disabling Crash Reporting (Optional)

By default, whenever an attempt to provision a Dockerized host using Docker Machine fails or Docker Machine crashes, some diagnostic information is sent automatically to a Docker account on Bugsnag. If you’re not comfortable with this, you can disable the reporting by creating an empty file called no-error-report in your installation .docker/machine directory.

To create the file, type:

  1. touch ~/.docker/machine/no-error-report

Check the file for error messages if provisioning fails or Docker Machine crashes.


This has been an introduction to installing and using Docker Machine to provision multiple Docker Droplets remotely from one local system. Now you should be able to quickly provision as many Dockerized hosts on your DigitalOcean account as you need.

For more on Docker Machines, visit the official documentation page. The three Bash scripts downloaded in this tutorial are hosted on this GitHub page.

Thanks for learning with the DigitalOcean Community. Check out our offerings for compute, storage, networking, and managed databases.

Learn more about us

About the authors
Default avatar


Default avatar
Tammy Fox


Still looking for an answer?

Ask a questionSearch for more help

Was this helpful?

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

This guide appears to be out of date. Not sure if there are any newer ones on this site, but following it and running the command:

docker-machine create --driver digitalocean --digitalocean-access-token $DOTOKEN ubuntu1604-docker

resulted in

Error creating machine: Error in driver during machine creation: POST https://api.digitalocean.com/v2/droplets: 422 You specified an invalid image for Droplet creation.

To fix it, I followed the official Docker guide on DigitalOcean usage with Ubuntu here, using the command:

curl -L https://github.com/docker/machine/releases/download/v0.10.0/docker-machine-`uname -s`-`uname -m` >/tmp/docker-machine &&
  chmod +x /tmp/docker-machine &&
  sudo cp /tmp/docker-machine /usr/local/bin/docker-machine

docker-machine: ‘use’ is not a docker-machine command. See ‘docker-machine --help’.

According to the docs it is not possible to set the project where the droplets will be created. So the default project is used to deploy the droplets on.

Any change it could be set by a preference?

When I run docker-machine create, I get an error. Here’s output with debug turned on. The machine-name is ‘docker-registry’. Command

docker-machine create --driver digitalocean --digitalocean-image ubuntu-18-04-x64 --digitalocean-access-token $DOTOKEN docker-registry


checking docker daemon
(docker-registry) Calling .GetSSHHostname
(docker-registry) Calling .GetSSHPort
(docker-registry) Calling .GetSSHKeyPath
(docker-registry) Calling .GetSSHKeyPath
(docker-registry) Calling .GetSSHUsername
Using SSH client type: external
Using SSH private key: /home/kobenauf/.docker/machine/machines/docker-registry/id_rsa (-rw-------)
&{[-F /dev/null -o PasswordAuthentication=no -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o LogLevel=quiet -o ConnectionAttempts=3 -o ConnectTimeout=10 -o ControlMaster=no -o ControlPath=none root@159.20
3.66.142 -o IdentitiesOnly=yes -i /home/kobenauf/.docker/machine/machines/docker-registry/id_rsa -p 22] /usr/bin/ssh <nil>}
About to run SSH command:
sudo docker version
SSH cmd err, output: exit status 1: sudo: docker: command not found

Error getting SSH command to check if the daemon is up: ssh command error:
command : sudo docker version
err     : exit status 1
output  : sudo: docker: command not found

Earlier in the output I noticed:

About to run SSH command:
if ! type docker; then curl -sSL https://get.docker.com | sh -; fi
SSH cmd err, output: <nil>: bash: line 0: type: docker: not found

When I run just curl -sSL https://get.docker.com it tells me the certificate has expired. It seems that is causing docker not to install and the rest to fail.

Thanks great article…but how do you connect to your swarm from yet another machine ? i would imagine something like eval $(docker-machine env production-manager-1) but the new machine has no knowledge of what production-manager-1 is.

I followed the steps but it didn’t work at first, I got this when running the docker-machine create command:

Error creating machine: Error in driver during machine creation: POST https://api.digitalocean.com/v2/droplets: 422 You specified an invalid image for Droplet creation.

So I created the machine specifying the ubuntu image explicitly:

docker-machine create --driver digitalocean --digitalocean-image ubuntu-16-04-x64 --digitalocean-access-token $DOTOKEN ubuntu-docker-test

I got past the error to get this new output:

Running pre-create checks...
Creating machine...
(ubuntu1604-docker) Creating SSH key...
(ubuntu1604-docker) Creating Digital Ocean droplet...
(ubuntu1604-docker) Waiting for IP address to be assigned to the Droplet...
Waiting for machine to be running, this may take a few minutes...
Detecting operating system of created instance...
Waiting for SSH to be available...
Detecting the provisioner...
Provisioning with ubuntu(systemd)...
Installing Docker...
Copying certs to the local machine directory...
Copying certs to the remote machine...
Setting Docker configuration on the remote daemon...
Error creating machine: Error running provisioning: ssh command error:
command : sudo systemctl -f start docker
err     : exit status 1
output  : Job for docker.service failed because the control process exited with error code. See "systemctl status docker.service" and "journalctl -xe" for details.

According to this thread this is apparently related to a version mismatch problem so I provisioned the machined using the command specified in the thread:

docker-machine create --driver digitalocean --digitalocean-image ubuntu-16-04-x64 --digitalocean-access-token $DOTOKEN --engine-install-url=https://web.archive.org/web/20170623081500/https://get.docker.com ubuntu1604-docker-new

After this, the machine got successfully created.

Thank you for the tutorial, it’s very easy to follow and works perfectly.

The only question I have is, which are the outgoing firewall ports that need to be opened up to be able to run ‘docker run…’ from behind the digital ocean cloud firewall?

thanks in advance :)

What is the remote machines initial firewall configuration? Can it be strengthened?

Is it possible to enable private networking while creating a new host?

Thanks for writing this post. Does any one have any tips on resizing a machine provisioned by docker-machine? What are the steps to correctly vertical scale a droplet and making sure it will re-attach to the swarm after resizing?

Try DigitalOcean for free

Click below to sign up and get $200 of credit to try our products over 60 days!

Sign up

Join the Tech Talk
Success! Thank you! Please check your email for further details.

Please complete your information!

Get our biweekly newsletter

Sign up for Infrastructure as a Newsletter.

Hollie's Hub for Good

Working on improving health and education, reducing inequality, and spurring economic growth? We'd like to help.

Become a contributor

Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.

Welcome to the developer cloud

DigitalOcean makes it simple to launch in the cloud and scale up as you grow — whether you're running one virtual machine or ten thousand.

Learn more
DigitalOcean Cloud Control Panel